DJI Firmware Hacking Removes Drone Flight Restrictions


Drones have been taking over the world, everyone with a passing interest in making videos has one and DJI firmware hacking gives you the ability to remove all restrictions (no-fly zones, height and distance) which under most jurisdictions is illegal (mostly EU and FAA for the US).

DJI Firmware Hacking Removes Drone Flight Restrictions

It’s an interesting subject, and also a controversial one as people are worried that it could cause a drone to collide with a passenger plane (although in all honestly, I’m not sure how much damage a 1kg drone would do – some geese are much heavier).

Drone hackers in the UK are busy at work exploiting the application security shortcomings of a major manufacturer to circumvent restrictions, including flight elevation limits. DJI says it has pushed out a firmware update to nip the problem in the bud, but one expert The Register spoke to maintains that hacking is still possible.

The potential for drone hacking can be traced back to a mistake made by DJI in leaving development debug code in its Assistant 2 application. Changes could be made by commenting out one line in a file and setting the debug flag from false to true. The shortcoming exposed a full range of parameters that enabled hackers to turn off safeguards.

“It’s looks like ‪#DJI‬’s ‪#Spark‬ was jailbroken due to poor app security? Leaving dev code & passwords in the app was probably not a good idea,” UAVHive, a UK-based drone enthusiast community, said in a Twitter update.

Other DJI products – including the Phantom and Inspire 2 – have had the same jailbreak proven.


It seems DJI have left debugging code in the production app which enables hackers to change parameters via the DJI Assistant 2 application.

It’s also an act of hackers against DJI for limiting the behaviour of their drones, with many complaints of false positives on no-fly zones and the height restrictions being overly cautious.

DJI has been warned repeatedly since at least April, if not before, by Kevin Finisterre, a drone security expert, among others. Despite this, critics say DJI failed to act.

Concerns centre on the application security risks posed by the presence of DJI debug code in publicly released applications, something that creates a backdoor for hackers to meddle with the technology.

Recently numerous underground groups of drone users have sprung up and are collaborating on removing restrictions from their drones and even change performance parameters. For example, a Facebook group for drone enthusiasts included hackers in its ranks. A Slack group is even more active and seems to be where a lot of the actual effort is taking place, we’re told.

“The main focus of efforts is removing height restrictions with ongoing efforts to remove no-fly zones, there’s even secret groups of drone pilots now having height competitions to see who can push their drone’s performance the furthest,” a source told El Reg. “A lot of this extreme behaviour by DJI owners is a direct backlash at DJI for adding a range of restrictions including having to connect to their servers via the internet. Recently, for example, DJI’s infrastructure was down and users complained they were grounded as a result. The no-fly zone database has many false positives.”

With drones getting cheaper and more accessible (Like the DJI Spark), this is bound to happen more and more and I think there is a certain responsibility that lays with drone manufacturers to ensure their drones are safe from tampering.

What do you think? Yay or nay? Are the restrictions necessary, or can people generally make responsible decisions by themselves?

Source: The Register

Posted in: Exploits/Vulnerabilities, Hardware Hacking, Legal Issues


Latest Posts:


Axiom - Pen-Testing Server For Collecting Bug Bounties Axiom – Pen-Testing Server For Collecting Bug Bounties
Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty, basically a pen-testing server out of the box with 1-line.
Quasar RAT - Windows Remote Administration Tool Quasar RAT – Windows Remote Administration Tool
Quasar is a fast and light-weight Windows remote administration tool coded in C#. Used for user support through day-to-day administrative work to monitoring.
Pingcastle - Active Directory Security Assessment Tool Pingcastle – Active Directory Security Assessment Tool
PingCastle is a Active Directory Security Assessment Tool designed to quickly assess the Active Directory security level based on a risk and maturity framework.
Second Order - Subdomain Takeover Scanner Tool Second Order – Subdomain Takeover Scanner Tool
Second Order Subdomain Takeover Scanner Tool scans web apps for second-order subdomain takeover by crawling the application and collecting URLs (and other data)
Binwalk - Firmware Security Analysis & Extraction Tool Binwalk – Firmware Security Analysis & Extraction Tool
Binwalk is a fast and easy to use Python-based firmware security analysis tool that allows for firmware analysis, reverse engineering & extracting of firmware.
zBang - Privileged Account Threat Detection Tool zBang – Privileged Account Threat Detection Tool
zBang is a risk assessment tool for Privileged Account Threat Detection on a scanned network, organizations & red teams can use it to identify attack vectors


Comments are closed.